Author: Jeff Bittner, Founder and President of Exit Technologies
Evolving malware is a constant threat to data storage. Data breaches have been a thorn in IT’s side for as long as companies have been storing data, and every year it seems like the data breaches are an inescapable reality – even for the best of us. But there is a new technology that is making some big strides in countless industries, and data security could highly benefit.
That technology is Artificial Intelligence, and many claim that it will revolutionize the way we think about protecting data. Currently, companies have to contend with massive attack surfaces as their networks and the data volume they handle grows.
Machine Learning From Antivirus Data
One specific area within data security is especially promising for AI. Traditional antivirus (AV) software identified specific malware by signature, but that method presents a few problems. Hackers could simply make small changes to their malware – and as a result, its signature – in many cases enabling it to slip past AV software undetected.
Current AI antivirus technology offers a far more sophisticated solution, although it’s not AI in the traditional sense – despite how it’s branded. This technology uses machine learning (ML), which involves training a program with a large collection of malware data until it learns to recognize the characteristics of potential malware threats in general, as opposed to directly looking for ‘signatures,’ or the specific identity of particular malware.
The end result is that as long as the programs are kept up to date with new malware to consistently train from, they can even prevent malware with complete new signatures from posing a threat, without having to update their software as strictly.
This works well, because we already have a large body of data to train the programs on, and most new malware is not ‘new’ in the sense that it usually builds off of the foundations of other malicious programs. If your machine learning program has seen countless other malware programs with 70% of the same core functionality, then a hacker is going to have to invest a massive amount of time into creating malware that isn’t so familiar if they want a chance at breaking through.
While this isn’t the guarantee that many of the cybersecurity AI firms claim, it provides enough of a deterrent to protect against most of the typical threats; hackers that aren’t inclined to write a full malware program completely from scratch.
One caveat is that without a large enough set of data, these programs can’t be trained as effectively. For example, we do not have enough data from network attacks to reliably train machine learning programs. There have been several hopeful attempts to find a suitable dataset, but none that ended with success.
AI: The Solution To Human Error
An equally significant problem is human error. If an authorized person is the one facilitating the breach, even the best security tools won’t help you, and there are many areas in which this is the norm.
The reality is that most data breaches are not the result of malware brute forcing its way through firewalls undetected. Most are caused by simple mistakes. Ask 100 CISOs what they attribute most data breaches to and the primary answer by a landslide will be human error. We’re understaffed, underfunded, and undertrained.
Social engineering education is a notoriously effective solution because employees simply aren’t trained to defend against common social engineering hacking tactics. In fact, you don’t need to hack anything when the employees let you in with a smile. But if our employees are trained, ML can be a powerful complement to proper practices where otherwise employees might be compromised.
For example, a tool named Onfido (https://onfido.com/gb) can be used to prevent identity fraud by verifying the login with a photo ID, a selfie, and machine learning algorithms. They make sure the right person is trying to log in, and crawl the internet for any potential problems with the identity. Even with compromised passwords, fraudulent data access could be prevented with this technology.
Monitoring Behavior Patterns
Another type of machine learning is capable of identifying the baseline of behavior online for a particular identity, and then flagging any deviation from the standard pattern. This would be sort of like the credit card company calling when someone makes a charge on your card in Jamaica, but in the digital landscape instead.
In conclusion, machine learning, and perhaps eventually true AI, can provide a powerful complement to effective data security practices, but until we commit to investing in InfoSec and personnel training, AI is not the data breach savior. Just a very powerful tool.
Jeff Bittner founded Exit Technologies in 1989, recognizing a significant opportunity to help enterprises improve the liquidity of their IT hardware. A consummate entrepreneur, Mr. Bittner has built, expanded, or laterally transitioned successful companies for over three decades. As an R2 certified global IT asset disposition company (ITAD), Exit Technologies is headquartered in Naples, Florida. Having the R2 Certified systems in place would allows Exit Technologies to certify with 100% accuracy that all data is sanitized permanently from IT equipment, protecting customers from having their equipment end up as a pollutant in the environment.
To find out more about Exit Technologies, visit their website here.